Scenario |
Example |
|
|---|---|---|
Wired MAC address authentication |
MAC address authentication is performed for dumb terminals such as printers through a RADIUS server. |
Example for Configuring MAC Address Authentication (AAA RADIUS Authentication Is Used) |
MAC address + local authentication is performed for dumb terminals such as printers. |
Example for Configuring MAC Address Authentication (AAA Local Authentication Is Used) |
|
IP phones connect to switches through MAC address authentication triggered by LLDP or CDP packets. |
||
In the L2 BNG scenario, the core switch performs MAC address + RADIUS authentication for residential home users to access networks of different carriers. |
||
802.1X authentication and user access policies are centrally deployed on the authentication gateway through policy association, and the user access policies are executed on access devices, simplifying access device deployment. |
||
Wireless MAC address authentication |
MAC address authentication is performed for wireless dumb terminals such as printers through a RADIUS server. |
Example for Configuring MAC Address Authentication on the Wireless Side |
Wired 802.1X authentication |
Access switches perform 802.1X authentication for users through a RADIUS server. |
Example for Configuring 802.1X Authentication (Authentication Point on the Access Switch) Delivering VLANs or ACLs to Successfully Authenticated Users on Huawei Agile Controller-Campus |
Aggregation switches perform 802.1X authentication for users through a RADIUS server. |
Example for Configuring 802.1X Authentication (Authentication Point on the Aggregation Switch) |
|
802.1X authentication is performed for Windows clients through the RADIUS and AD servers. |
||
When RADIUS servers are faulty, access switches grant network access rights to users in 802.1X authentication escape state. |
||
Users often connect their terminals to the network from different locations; for example, they may move their laptops to other offices. The aggregation switch performs 802.1X + RADIUS authentication for these users. |
||
Access switches perform MAC address authentication for IP phones and 802.1X authentication for PCs connected to IP phones through a RADIUS server. |
||
IP phones connect to access switches without authentication, and PCs connected to IP phone connect to access switches through 802.1X authentication using a RADIUS server. |
||
Wireless 802.1X authentication |
The aggregation switch performs 802.1X + RADIUS authentication for wireless users, and terminal types are identified so that only terminals meeting specified requirements can access the network. |
Example for Configuring Terminal Type Identification in 802.1X + RADIUS Authentication |
Wireless Portal authentication |
An external Portal server using the Portal protocol is deployed, and Portal authentication is performed for wireless users on Layer 2 networks through a RADIUS server. |
Example for Configuring Portal Authentication on the Wireless Side (on a Layer 2 Network) |
An external Portal server using the Portal protocol is deployed, and Portal authentication is performed for wireless users on Layer 3 networks through a RADIUS server. |
Example for Configuring Portal Authentication on the Wireless Side (on a Layer 3 Network) |
|
In WLAN AC bypass scenarios, Portal authentication is performed for wireless users through a RADIUS server. |
||
After wireless users pass Portal authentication for the first time and go offline, they can access the network again without entering their user names and passwords. |
Example for Configuring MAC Address-prioritized Portal Authentication |
|
Wireless-to-wired Portal authentication |
When non-Huawei WLAN access devices are used in a wireless-to-wired authentication scenario, the core switch performs WeChat authentication for users. |
Example for Configuring WeChat Authentication in a Wireless-to-Wired Scenario |
When WLAN access devices are non-Huawei devices in a wireless-to-wired authentication scenario, the aggregation switch performs MAC address-prioritized Portal authentication and RADIUS authentication for users. |
||
Multi-mode authentication for wired and wireless users |
The aggregation switch performs 802.1X + MAC address authentication for wired and wireless users through a RADIUS server. |
Configuring 802.1X and MAC Address Authentication for Access Users on Huawei Agile Controller-Campus |
The core switch performs 802.1X, MAC address, and Portal authentication for wired and wireless users. |
Example for Configuring Multi-mode Authentication for Wired and Wireless Users |
|